A Security Evaluation of Public and Private Tor Bridges
The Tor network is a revolutionary network protocol that counteracts surveillance, censorship and internet traffic monitoring by encrypting traffic and concealing communication patterns, routing internet traffic through multiple onion routers (ORs). The IP addresses of some of the entry ORs, known as Tor bridges, are concealed so that it is difficult to block traffic routed to the Tor network. For further protection, Tor bridges use “Pluggable Transports” (PTs), which disguise traffic destined for the Tor network so that it is hard to detect through deep packet inspection or through active probing, in which a prober connects to a Tor bridge while posing as a Tor user.
A group of researchers from Italy published a study that included a security evaluation of Tor bridges’ infrastructure. Earlier research on Tor bridges has centered on building secure PTs and on techniques for discovering the IP addresses of Tor bridges; none of it included a security analysis of the bridges’ infrastructure. The newly published paper is the first systematic study of the security of that infrastructure. It examines two types of Tor bridges:
1- Public Tor bridges, which are provided by volunteers for use by any Tor user.
2- Private Tor bridges, which are available exclusively to selected Tor users who are told of their existence.
Whereas public Tor bridges are fully identifiable by the Tor network and report usage and configuration information to bridge authorities, private Tor bridges do not report this data, so their exact number and properties are unknown. Accordingly, this is the first study to examine the infrastructure of private Tor bridges.
Public Tor Bridges’ Infrastructure Analysis:
The researchers relied on CollecTor to study public Tor bridges. CollecTor is a public Tor service that provides longitudinal data reported by public Tor bridges, as well as by other Tor nodes. The security analysis of public Tor bridges had two main goals:
1- Determining whether any of the published data can undermine the security of the infrastructure of public Tor bridges.
2- Measuring the security properties of public Tor bridges.
The researchers analyzed the size and stability of the population of public bridges and found that only 45% of all public Tor bridges route users’ traffic. These bridges are long-lived and very stable: they have a lifetime of around 4 months and their IP addresses rarely change. Although stability can boost a bridge’s usage, it also increases the chance that an adversary who discovers the bridge will be able to block it.
Private Tor Bridges’ Infrastructure Analysis:
To study private Tor bridges, the researchers used scan search engines to find IP addresses that run ORs, connected to these IP addresses to determine their OR role, and used data from CollecTor to filter out relay nodes and to determine whether a discovered Tor bridge is private or public. This approach discovered 694 private Tor bridges and uncovered the IP addresses of 35% of public Tor bridges with clients, as well as 23% of all the active public Tor bridges.
Results of the Study:
The results of the study showed that 55% of the public Tor bridges that carry client traffic are vulnerable to aggressive forms of blocking. Moreover, 90% of bridge clients used default public Tor bridges, which are easy to identify. The researchers concluded that the present use of Pluggable Transports (PTs) in public Tor bridges decreases the security of most available secure transports, and that running non-Tor services on the same host as a bridge can undermine its anonymity.
The researchers’ approach for studying the infrastructure of private Tor bridges led to the discovery of 694 private Tor bridges. The study showed that 35% of all Tor bridges are private and reported the presence of infrastructures that utilize private proxy servers to route internet traffic to relays or backend bridges. The researchers utilized a new clustering approach to examine various infrastructures using bridges and proxies, while also analyzing their security and hosting properties.
The study presented a very informative analysis of the security level of Tor bridges and pointed to the fact that the information provided by CollecTor has to be reduced to increase security levels. The study also confirmed that the information provided by public scan search engines should be considered when building covert services.